MSIE VML exploited

Discussion in 'NOD32 version 2 Forum' started by duijv023, Sep 23, 2006.

Thread Status:
Not open for further replies.
  1. duijv023

    duijv023 Registered Member

    Joined:
    Feb 16, 2006
    Posts:
    230
    Location:
    Rijnsburg, Netherlands
    Does NOD32 - v.1.1770 (20060923)
    already contain any kind of protection against this?

    (of course I do not say you can use IE better than alternatives like Firefox :D )

    grtz
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,456
    Version=1.1769 (20060923)
    BAT/StartDcom.A, BAT/TGF, Bat2Exec.Stella.B,HTML/Exploit.VMLFill (3), IRC/SdBot (6), JS/TrojanDownloader.Agent.NAA, Win32/Adware.404Search, Win32/Adware.Agent.AM (5), Win32/Bifrose.AAF, Win32/Bifrose.AAG, Win32/Brontok.CH, Win32/Exploit.Agent.AE, Win32/Hupigon (6), Win32/Hupigon.CFZ, Win32/Liondoor, Win32/NoonLight.Q (2), Win32/Prorat.FM, Win32/PSW.Agent.NAP (2), Win32/PSW.Agent.NAQ (2), Win32/PSW.Delf.NBK (3), Win32/PSW.Delf.NBL (4), Win32/PSW.LdPinch.AXQ (2), Win32/PSW.LdPinch.NCB (3), Win32/PSW.Legendmir, Win32/PSW.Legendmir.BBN (2), Win32/PSW.Lineage.AJP (2), Win32/PSW.QQPass.IW, Win32/PSW.Small.BS, Win32/Rbot (5), Win32/Small.JL (2), Win32/Spy.Bancos.U (2), Win32/Spy.Banker.ANV, Win32/Spy.BZub.NAO (3), Win32/Spy.BZub.NAP (2), Win32/Spy.Delf.NDH (2), Win32/Spy.Goldun.MS (4), Win32/Spy.Goldun.NAJ (3), Win32/TrojanDownloader.Adload.FR, Win32/TrojanDownloader.Banload.NIW (2), Win32/TrojanDownloader.Delf.AYE (2), Win32/TrojanDownloader.Delf.NNO, Win32/TrojanDownloader.Delf.O G, Win32/TrojanDownloader.Oleloa, Win32/TrojanDownloader.Oleloa.E (2), Win32/TrojanDownloader.Small.AWA, Win32/TrojanDownloader.Small.DIB, Win32/TrojanDownloader.Small.NOX, Win32/TrojanDownloader.Small.NOZ (2), Win32/TrojanDownloader.Small.NPA (2), Win32/TrojanDownloader.Zlob.ADA (3), Win32/TrojanDownloader.Zlob.ADB (2), Win32/TrojanDownloader.Zlob.ADC (3), Win32/TrojanDownloader.Zlob.ADS (4), Win32/TrojanDropper.Mudrop.V, Win32/TrojanDropper.MultiJoiner.CK, Win32/VB.AMD (2), Win32/VB.AXZ, Win32/Viking.AE (2), Win32/Viking.AK (3), Win32/Viking.AO, Win32/Viking.AP, Win32/Viking.AR, Win32/Viking.NAM, Win32/WinterLove.AV (2), Win32/Zapchast (2)
     
  3. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    164,083
    Location:
    Texas
  4. duijv023

    duijv023 Registered Member

    Joined:
    Feb 16, 2006
    Posts:
    230
    Location:
    Rijnsburg, Netherlands
    Thanks guys,

    I think I'm gonna grab a beer now :D

    I can encourage you to do the same....... cheers!
     
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,456
    I'd like to add that you should be protected against all future variants - we have improved generic detection and released 2 updates shortly after each other.
     
  6. duijv023

    duijv023 Registered Member

    Joined:
    Feb 16, 2006
    Posts:
    230
    Location:
    Rijnsburg, Netherlands
    Yes, I saw 1770 coming in, and on the ESET site 1771 is announced already.
    This is nice!

    btw my beer tastes very good ;-)

    Greetings from Holland
     
  7. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    duijv023, when you want to search for something in the NOD32 updates database, you may use the nod32sse.com website. ;)
     
  8. duijv023

    duijv023 Registered Member

    Joined:
    Feb 16, 2006
    Posts:
    230
    Location:
    Rijnsburg, Netherlands
    Thanks,
    I didn't know that site, nice info!
    :)
     
  9. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    It has been in my signature for a long time. :D
     
  10. Kniht

    Kniht Registered Member

    Joined:
    Jan 20, 2006
    Posts:
    20
    NOD32 doing its job

    Went to the Zert website to download a temporary patch for the buffer overflow in the VML library used by Microsoft IE and Outlook (until MS releases the official patch in October).

    While at this site http://isotf.org/zert/download.htm I decided to click on the link that tests the temporary emergency patch. It states an unpatched IE will crash when the link is clicked. I clicked on this link with IE unpatched and IMON immediately popped up with a message box stating it had detected some nasty files and denied me access to the site.

    Way to go NOD32!
     
  11. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,456
    Re: NOD32 doing its job

    Don't worry, you are fully protected. A couple of hours ago, I ran into an exploit variant detected only by NOD32 and the guys from the lab confirmed it was not a false positive.
     
  12. ASpace

    ASpace Guest

    Just to inform you, Microsoft has already released an official patch for this, available for all genuine MS users on http://windowsupdate.microsoft.com

    It needs no restarting, though :)

    Excellent job, ESET!
     
  13. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    They were faster this time. Thx for the info, HiTech boy
     
  14. ASpace

    ASpace Guest

    No problems! :D
     